226319 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a warning during rehash As previously explained, the rehash process delays the migration of filters from one region to another. This is done by iterating over all chunks all filters with the same...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: SCO: Fixed issue where user input is not validated before calling setockopt. The syzbot reported that scosocksetsockopt copies data without checking the length of the user input. BUG: KASAN: Out-of-bounds access in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed incorrect descriptor freeing behavior. ENA has two types of TX queues: - Queues that only process TX packets arriving from the network stack. - Queues that only process TX packets forwarded to them by XDPREDIRECT ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fixed a possible use-after-free during rehash. The rehash process delays the migration of filters from one region to another based on the number of available credits. If the number of credits is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed an information leak in btrfsioctllogicaltoino. Syzbot reported the following information leaks related to btrfsioctllogicaltoino: - BUG: KMSAN: A kernel-infoleak exists in instrumentcopytouser from...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: DCCP: Fixed out-of-bounds access in the DCCP error handler. There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only wanted to access the first 8...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: qmiencdec: Restrict string length in decode The QMI TLV value for strings in many qmi element information structures accounts for null-terminated strings with a length of MAXLEN + 1. If a string actually has a length o...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed an out-of-bounds situation when setting channels during iavfremove. If the channels are set to a value greater than what is actually allocated, it will cause a timeout, and an error will be returned. However, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iavf: Fixed a use-after-free in freenetdev. We perform netifnapiadd for all allocated qvectors, but potentially also perform netifnapidel for some of them. Then, we call kfree on the qvectors, leaving invalid pointers in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Staging: ks7010 – potential buffer overflow in kswlansetencodeext. “exc-keylen” is a u16 value provided by the user. If this value exceeds IWENCODINGTOKENMAX 64, it could lead to memory corruption...
Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cifs: fixed a underflow issue in parseserverinterfaces. In this loop, we iterate through the buffer. After processing each item, we check whether the sizeleft is greater than the minimum size required. However, the problem arises...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: savage: An error will occur if pixclock equals zero. The user-space program can pass any value to the driver through the ioctl interface. If the driver does not check the value of pixclock, a divide-by-zero error may occur...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Ensure visibility when inserting an element into tracingmap. Running the following two commands in parallel on a multi-processor AArch64 machine may occasionally generate an unexpected warning regarding duplicate...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: llc: Calling sockorphan at the release time syzbot reported an interesting trace 1 caused by a stale pointer to sk-skwq in a closed llc socket. In the commit ff7b11aa481f "net: socket: setting sock-sk to NULL after calling...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A out-of-bounds read vulnerability was discovered in smbCalcSize in the fs/smb/client/netmisc.c file within the Linux kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A flaw was discovered in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packets when using NVMe over TCP. This can lead to the NVMe driver dereferencing a NULL pointer, resulting in kernel panic and a denial of service...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A use-after-free flaw was discovered in the Linux kernel due to a race condition in the unix garbage collector’s deletion of SKB races involving the unixstreamread generic function on the socket onto which the SKB is queued...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fixed a use-after-free when attempting to register the uncore PMU. When we fail to register the uncore PMU, the PMU context may not be allocated. Handling this error will involve calling cpuhpstateremoveinstance, whic...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function may fail. In that case, it frees the skb and returns NULL. On the successful path, however, it returns the original skb. Therefore, it is straightforward...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nbd: Fixed a UAF Use-after-Allocation in nbdopen. The commit 4af5f2e03013 “nbd: Use blkmqallocdisk and blkcleanupdisk“” addresses the issue where blkcleanupdisk no longer sets disk-privatedata to NULL. A UAF could potentially...